VMware Virtual Appliances Community
andy_mac
Enthusiast
Enthusiast

ESVA 1.6

This is the forum to discuss ESVA 1.6 matters.

VMTN Appliance listing: http://www.vmware.com/vmtn/appliances/directory/542

Website: http://www.global-domination.org/ESVA/16

-Andy

Reply
0 Kudos
118 Replies
griff158
Contributor
Contributor

Andy,

I love your product (forgot to mention this earlier). Postgrey isn't starting either for me, i tried reinstalling but to no avail. If anyone comes up with a solution it would be greatly appreciated.

My workaround for now is that i just commented out the check_policy_service inet:127.0.0.1:60000 in smtpd_recipient_restrictions in the main.cf of postfix

Reply
0 Kudos
andy_mac
Enthusiast
Enthusiast

Sorry I've taken so long to get back to you...

I need to have a good look at this - I'll make some time this evening - I have an idea, but i'll let you know when I know for sure.

In the mean-time a work-around is to disable postfix by commenting the line that contains check_policy_service inet:127.0.0.1:60000 and uncommenting the alternative version of the line above (that doesn't contain check_policy_service inet:127.0.0.1:60000).

The side-effect of this will be that you might get a little more spam through, but a more likely consequence is that you will eat more processor time as MailScanner/SA/Clamav etc processes every inbound message.

Sorry again for the inconvenience - It's actually quite embarrassing...

-Andy

Reply
0 Kudos
LogIQ
Contributor
Contributor

Hi Andy,

Nothing to be embarrassed over, I bet you will get it working in no time...

I am a little confused about your work-around; I can not find a line above the line check_policy_service inet:127.0.0.1:60000 that I can uncomment.

\- Ulrich

Reply
0 Kudos
DaleMontgomery
Contributor
Contributor

For now I also commented out this line in main.cf (added the # in the font)

\# smtpd_recipient_restrictions = reject_non_fqdn_recipient,reject_unknown_recipient_domain,

permit_mynetworks,reject_unauth_destination,check_recipient_access hash:/etc/postfix/recipient_access,check_policy_service inet:127.0.0.1:60000

(Just like rooter_c suggested)

The quarantine with release option part of 1.6 makes it so much better!

Message was edited by:

ken.cline@hp.com to narrow the display. I split the "reject" between "domain," and "permit_" - it should be just one line

Reply
0 Kudos
emporio
Contributor
Contributor

I did same thing and its working fine>

Andy 1.6 is great. I haven't got to explore it fully but quarantine, reporting, graph and rest is awesome. Very professional

thx gain for ESVA, it rocks

-emp

Reply
0 Kudos
rooter_c
Contributor
Contributor

I agree It Rocks!

Reply
0 Kudos
LogIQ
Contributor
Contributor

Hi Andy,

While doing some testing og ESVA 1.6 I have encountered some problems. I have been sending test-emails from my hotmail, my yahoo-mail and from my gmail, and they do not arrive in my mailbox.

My Hotmail was caught by ESVA, so I whitelisted it and then I received the e-mail.

The e-mails from the other two are listed as clean in MailWatch, although the do not get through to my mailbox.

I am suspecting it beeing because I forward all mails from the receiving mailbox to another, but should that really cause a problem?

Also quite a few e-mail are believed to be clean by ESVA, but are in fact spam. I would say that 1 out of every 5-8 spam are found clean, is there a way to get it more precise?

Could I teach ESVA manually to get better? I have been running ASSP, and I have some 50000 spam and about 10000 ham mails there, could I feed those to ESVA to make it better?

ESVA is a very nice product, but I need it to be more precise before putting it into production.

Also I have a suggestion or a request for a solution. I want to run 2 ESVA on 2 different servers in 2 different datacenters, one for MX 10, and another for MX20 for failover.

Is there a way to replicate all the users settings and the SA database etc. between 2 servers automatically?

Thx Andy for doing a good job!

\- Ulrich

Reply
0 Kudos
emporio
Contributor
Contributor

Is anyone using ESVA also as Outgoing Mail gateway?

Reply
0 Kudos
rooter_c
Contributor
Contributor

I just found another issue, the user gets a spam notification email, but when they click the link to release the mail, it sends it back to the original sender instead of releasing it to the user. I can release it manually ok? Where do I look for the config for that function?

ta.

Reply
0 Kudos
rooter_c
Contributor
Contributor

Actually, I just tried it on another email and it worked ok? Must be something in the message format maybe?

ta

Reply
0 Kudos
DaleMontgomery
Contributor
Contributor

yes

Reply
0 Kudos
DaleMontgomery
Contributor
Contributor

Is anyone using ESVA also as Outgoing Mail gateway?

yes

Reply
0 Kudos
DaleMontgomery
Contributor
Contributor

I just found another issue, the user gets a spam

notification email, but when they click the link to

release the mail, it sends it back to the original

sender instead of releasing it to the user. I can

release it manually ok? Where do I look for the

config for that function?

ta.

In my limited testing, the release link has been working as expected.

Reply
0 Kudos
andy_mac
Enthusiast
Enthusiast

OK guys - Here's the fix:

chown -R postgrey /var/spool/postfix/postgrey

It would seem that the permissions were wrong...

Sorry for the hassle. I'll update the downloadable version...

-Andy

Reply
0 Kudos
andy_mac
Enthusiast
Enthusiast

Haven't come across that before, but anything's possible I guess. The funtionality is contained in /var/www/cgi-bin/release-msg.cgi if anyone's interested in making this better - There isn't much code in there, so not sure what could go wrong really...

-Andy

Reply
0 Kudos
andy_mac
Enthusiast
Enthusiast

That has been tested and should work OK - I have even put custom postgrey rules to skip private addresses (10/8, 172.16/12, 192.168/16)...

Just follow the instructions in the install guide and it should work...

-Andy

Reply
0 Kudos
emporio
Contributor
Contributor

My Internet provider is ATT any connection on port 25 required authentication. Is it possible to configure ESVA using att account ( to provide user name and password)?

Reply
0 Kudos
andy_mac
Enthusiast
Enthusiast

Once you enable postgrey this should improve dramatically (in practice this is what does all the hard work).

To train SA like that would depend on the format of the messages that you have and how you feed them to ESVA.

This doc explains how to feed sa-learn from an exchange public folder: http://wiki.mailscanner.info/doku.php?id=documentation:anti_spam:spamassassin:sa-learn:msexchange

You could also consider implementing Rules Du Jour (http://www.fsl.com/support/) to fine tune SA.

\- Oh and as for the central repository thing - it's something I've been giving some thought to, but I can't see it being available (by me anyway) till the new year, and that's probably going to be a chargeable product (but not too expensive - it will be a lot cheaper than most other commercial products - including ones that don't scale...)

-Andy

Reply
0 Kudos
andy_mac
Enthusiast
Enthusiast

Will they not allow you to deliver directly?

You can put a rule to deliver all outbound mail (i.e. destinations not listed in /etc/MailScanner/transport) to a specific address (relay), but not sure about authentication...

-Andy

Reply
0 Kudos
rooter_c
Contributor
Contributor

Andy I'm still not getting any joy with postgrey, what's the test to see if it's running properly?

ta.

Reply
0 Kudos